docs: Improve consistency in Azure docs

- move `az aks create` to a separate file - remove `--generate-ssh-keys` as it's not required - use long flag names consistently - ensure each version creates 2-node clusters - ensure each version calls `az group create` - avoid asking user copy-paste API credentials, utilise exsiting dependency on `jq` Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
mfijalko · Jun 18, 2020 · ab3f96c · ab3f96c
1 parent 0793cb9
commit ab3f96c
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 25 deletions.
diff --git a/Documentation/gettingstarted/k8s-install-aks-create-cluster.rst b/Documentation/gettingstarted/k8s-install-aks-create-cluster.rst
@@ -0,0 +1,19 @@
+.. note:: **Do NOT specify the '--network-policy' flag** when creating the cluster,
+    as this will cause the Azure CNI plugin to push down unwanted iptables rules:
+
+.. code:: bash
+
+   export RESOURCE_GROUP_NAME=aks-test
+   export CLUSTER_NAME=aks-test
+   export LOCATION=westeurope
+
+   az group create --name $RESOURCE_GROUP_NAME --location $LOCATION
+   az aks create \
+      --resource-group $RESOURCE_GROUP_NAME \
+      --name $CLUSTER_NAME \
+      --location $LOCATION \
+      --node-count 2 \
+      --network-plugin azure
+
+.. note:: When setting up AKS, it is important to use the flag
+          ``--network-plugin azure`` to ensure that CNI mode is enabled.
diff --git a/Documentation/gettingstarted/k8s-install-aks-get-credentials.rst b/Documentation/gettingstarted/k8s-install-aks-get-credentials.rst
@@ -0,0 +1,4 @@
+
+.. code:: bash
+
+    az aks get-credentials --name $CLUSTER_NAME --resource-group $RESOURCE_GROUP_NAME
diff --git a/Documentation/gettingstarted/k8s-install-aks.rst b/Documentation/gettingstarted/k8s-install-aks.rst
@@ -53,16 +53,15 @@ the cluster is ready.
 
 .. code:: bash
 
-        export RESOURCE_GROUP_NAME=group1
-        export CLUSTER_NAME=aks-test1
+        export RESOURCE_GROUP_NAME=aks-test
+        export CLUSTER_NAME=aks-test
         export LOCATION=westus
 
         az group create --name $RESOURCE_GROUP_NAME --location $LOCATION
         az aks create \
             --resource-group $RESOURCE_GROUP_NAME \
             --name $CLUSTER_NAME \
             --node-count 2 \
-            --generate-ssh-keys \
             --network-plugin azure
 
 Configure kubectl to Point to Newly Created Cluster
@@ -71,9 +70,7 @@ Configure kubectl to Point to Newly Created Cluster
 Run the following commands to configure kubectl to connect to this
 AKS cluster:
 
-.. code:: bash
-
-    az aks get-credentials --resource-group $RESOURCE_GROUP_NAME --name $CLUSTER_NAME
+.. include:: k8s-install-aks-get-credentials.rst
 
 To verify, you should see AKS in the name of the nodes when you run:
 

diff --git a/Documentation/gettingstarted/k8s-install-azure.rst b/Documentation/gettingstarted/k8s-install-azure.rst
@@ -17,15 +17,7 @@ Setup a Kubernetes cluster on Azure. You can use any method available as long
 as your Kubernetes cluster has CNI enabled in the kubelet configuration. For
 simplicity of this guide, we will set up a managed AKS cluster:
 
-.. code:: bash
-
-   export CLUSTER_NAME=aks-test
-   export LOCATION=westeurope
-   export RESOURCE_GROUP=aks-test
-   az aks create -n $CLUSTER_NAME -g $RESOURCE_GROUP -l $LOCATION --network-plugin azure
-
-.. note:: When setting up AKS, it is important to use the flag
-          ``--network-plugin azure`` to ensure that CNI mode is enabled.
+.. include:: k8s-install-aks-create-cluster.rst
 
 Create a service principal for cilium-operator
 ==============================================
@@ -37,9 +29,9 @@ cilium-operator:
 
 .. code:: bash
 
-    az ad sp create-for-rbac -n cilium-operator
+    az ad sp create-for-rbac --name cilium-operator > azure-sp.json
 
-The output will look like this: (Store it for later use)
+The contents of ``azure-sp.json`` should look like this:
 
 .. code:: bash
 
@@ -55,21 +47,19 @@ Extract the relevant credentials to access the Azure API:
 
 .. code:: bash
 
-    AZURE_SUBSCRIPTION_ID=$(az account show --query id | tr -d \")
-    AZURE_CLIENT_ID=aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
-    AZURE_CLIENT_SECRET=bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb
-    AZURE_TENANT_ID=cccccccc-cccc-cccc-cccc-cccccccccccc
-    AZURE_NODE_RESOURCE_GROUP=$(az aks show -n $CLUSTER_NAME -g $RESOURCE_GROUP | jq -r .nodeResourceGroup)
+    AZURE_SUBSCRIPTION_ID="$(az account show | jq -r .id)"
+    AZURE_CLIENT_ID="$(jq -r .appId < azure-sp.json)"
+    AZURE_CLIENT_SECRET="$(jq -r .password < azure-sp.json)"
+    AZURE_TENANT_ID="$(jq -r .tenant < azure-sp.json)"
+    AZURE_NODE_RESOURCE_GROUP="$(az aks show --resource-group $RESOURCE_GROUP_NAME --name $CLUSTER_NAME | jq -r .nodeResourceGroup)"
 
 .. note:: ``AZURE_NODE_RESOURCE_GROUP`` must be set to the resource group of the
            node pool, *not* the resource group of the AKS cluster.
 
 Retrieve Credentials to access cluster
 ======================================
 
-.. code:: bash
-
-    az aks get-credentials --resource-group $RESOURCE_GROUP -n $CLUSTER_NAME
+.. include:: k8s-install-aks-get-credentials.rst
 
 Deploy Cilium
 =============
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,4 @@

		.. code:: bash

		az aks get-credentials --name $CLUSTER_NAME --resource-group $RESOURCE_GROUP_NAME